Designing an agent-based RBAC system for dynamic security policy

Author

Yamazaki, Wataru ; Hiraishi, Hironori ; Mizoguchi, Fumio

Author_Institution

Inf. Media Center, Tokyo Univ. of Sci., Japan

fYear

2004

fDate

14-16 June 2004

Firstpage

199

Lastpage

204

Abstract

Most practical applications have dynamic attributes, but conventional access control mechanisms have not addressed the problem sufficiently. We discuss how to realize an access control system that enables us to manage dynamic security policies. Our proposed method is based on role-based access control (RBAC), and the agent decides access rights dynamically for the abstract role, which is defined by the role administrator statically using context-enabled rules and an inference engine. By defining rules using declarative representation (logic programming style), bidirectional queries can be realized for user-role-permission relationships. We demonstrate the usefulness of our proposed system by presenting our project management application and its access control system.

Keywords

authorisation; inference mechanisms; knowledge representation; logic programming; project management; software agents; Web-based role server; agent-based RBAC system design; bidirectional queries; context-enabled rules; declarative representation; dynamic security policy; inference engine; logic programming; project management application; role based access control system; user-role-permission relationships; Access control; Application software; Chromium; Computer errors; Engines; Error correction; Information security; Logic programming; Permission; Project management;

fLanguage

English

Publisher

ieee

Conference_Titel

Enabling Technologies: Infrastructure for Collaborative Enterprises, 2004. WET ICE 2004. 13th IEEE International Workshops on

ISSN

1524-4547

Print_ISBN

0-7695-2183-5

Type

conf

DOI

10.1109/ENABL.2004.22

Filename

1376833